Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Pen-Test
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: DoS/DDoS Attack

from [rzaluski] Network Security [Permanent Link]
Subject: RE: DoS/DDoS Attack
Date: Sat, 15 Jan 2005 11:32:47 -0500 
Speaking of DoS.

Does anyone have a compiled list of commercial and open source products that
do stop DoS attacks? Or at least mitigate them to some extent?

Richard Zaluski
CISO, Security and Infrastructure Services 
iVolution  Technologies Incorporated
905.309.1911
866.601.4678
905.524.8450 (Pager)
www.ivolution.ca
rzaluski@ivolution.ca
 
Key fingerprint = DB39 7FC3 1F5D AD94 85DD  78B0 774D
 
=======================================================================
CONFIDENTIALITY NOTICE: This email message, including any 
attachments, is for the sole use of the intended recipient(s) and may 
contain confidential and privileged information. If you are not the 
intended recipient, please contact the sender. Any unauthorized review, 
use, disclosure, or distribution is prohibited.
=======================================================================
-----Original Message-----
From: Gregory D. McPhee [mailto:greg@mcpheecomm.com] 
Sent: Friday, January 14, 2005 6:50 PM
To: Faisal Khan; pen-test@securityfocus.com
Subject: RE: DoS/DDoS Attack


Faisal:

Stopping a good DDOS attack isn't easy, but there are good products out
there that are designed to do just that.  However, there are a lot of
products that claim to have 'DDOS' protection, but they really just
offer some form of connection based rate limiting or limited "proxy on"
service.  Some products have added the label for marketing reasons, but
don't really have anything.

The only device I've seen that really protects against this is the Top
Layer IPS 5500.  Other IPS products have good content-filtering and
signature libraries, but you didn't ask for that.

Greg... 


-----Original Message-----
From: Faisal Khan [mailto:faisal@netxs.com.pk] 
Sent: Friday, January 14, 2005 1:06 AM
To: pen-test@securityfocus.com
Subject: DoS/DDoS Attack



Folks,

Two quick questions.

When IP (Source) addresses are spoofed, is there no way of determining
(a) 
that the IP Source Addresses is spoofed and not the genuine one (b) to
be 
able to determine the actual IP address that is sending DoS packets?

Somehow I get the feeling I'm SOL when trying to find out the 
"genuine/actual" source IP address.

If this is the case, then pretty much we all are helpless with DoS/DDoS 
attacks - considering one can write a script/program to keep
incrementing 
or randomly assigning spoofed source addresses in the DoS packets being 
sent out.

Faisal





Faisal Khan,  CEO
Net Access Communication
Systems (Private) Limited
________________________________

Network Security - Secure Web Hosting
Managed Internet Services - Secure Email
Dedicated Servers - Reseller Hosting

Visit www.netxs.com.pk for more information.

Attachment: rzaluski@ivolution.ca (rzaluski@ivolution.ca).vcf
Description: Vcard

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  priviledge escalation techniques, Dan Rogers
Next by Date:  RE: Creating a Custom Trojan after Social Engineering, Todd Towles
Previous by Thread:  RE: DoS/DDoS Attack, Gregory D. McPhee
Next by Thread:  RE: DoS/DDoS Attack, FXCM - Brandon Palmer
Indexes:  [Date] [Thread] [Top] [All Lists]